<?php
/*
+--------------------------------------------------------------------------
|   AffiliStore 2
|   ========================================
|   Web: http://www.affilistore.com
|   Email: admin (at) affilistore (dot) com
|	License Type: AffiliStore 2 is NOT open source software and limitations apply 
|   Licence Info: Visit AffiliStore website and click on 'Licence'
+--------------------------------------------------------------------------
*/
// checks to see if password session is set
// if not redirects to ../admin/
if(!$auth->getIdentity()){
	header('Location: ../index.php?case=account&act=login');
}


// all of your payment details
$query = "SELECT * FROM affiliSt_accounts WHERE accUsername = '".$auth->getIdentity()."'";
$userResult = mysql_query($query);
$user = mysql_fetch_assoc($userResult);
$userId = $user['accId']; 
$getThePaymentDetails = mysql_query("SELECT * FROM affiliSt_payments WHERE accId = ".$userId);
$thePaymentDetails = mysql_fetch_assoc($getThePaymentDetails);

/**
 * Get authentication object to get account id
 */
?>		
<fieldset>
<legend>Your Payment</legend>
<table cellpadding="6" cellspacing="0" border="0" width="100%">
<tr>
<th align="left" valign="top">Payment Id</th>
<th align="left" valign="top">Amount</th>
<th align="left" valign="top">Date</th>
<th align="left" valign="top">Status</th>
</tr>
<?php
do {		
	echo('<tr><td style="border-top:1px solid #cccccc">'.$thePaymentDetails['pgmId'].'</td><td style="border-top:1px solid #cccccc">$'.$thePaymentDetails['pgmGross'].'</td><td style="border-top:1px solid #cccccc">'.$thePaymentDetails['pgmDate'].'</td><td style="border-top:1px solid #cccccc">'.$thePaymentDetails['pgmStatus'].'</td></tr>');
} while ($thePaymentDetails = mysql_fetch_assoc($getThePaymentDetails));	
?>
</table>
</fieldset>
	
<?php if ($_GET['act'] == 'cancel'):
	include_once '../includes/models/Payment.php';
	$payment = new Payment();
	$results = $payment->delete('pgmId = '.$payment->getAdapter()->quote($_GET['id']));
	?>
	<fieldset><legend>Succesfully cancel your payment</legend></fieldset>
<?php elseif ($_GET['act'] == 'review'):
	include_once '../includes/models/Payment.php';
	$payment = new Payment();
	$id = $payment->insert(array(
		'accId' => $userId,
		'pgmGross' => $_POST['amount'],
	));
	?>
	<fieldset>
	<legend>Review your payment</legend>
	<p class="notice">You about to place a payment from <?php echo $_POST['item_name']?> 
	with amount $<?php echo $_POST['amount']?> for Shopnmatch.com, do you
	 want to proceed? or <a href="<?php echo $installDir['value'].'merchant/userpanel.php?ad=pm&act=cancel&id='.$id ?>">cancel it here</a>
	</p>
	<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
	<input type="hidden" name="cmd" value="_xclick">
	<input type="hidden" name="business" value="snm_1253418264_biz@gmail.com">
	<input type="hidden" name="item_name" value="<?php echo $_POST['item_name']?>">
	<input type="hidden" name="item_number" value="<?php echo $id ?>">
	<input type="hidden" name="amount" value="<?php echo $_POST['amount']?>">
	<input type="hidden" name="no_shipping" value="1">
	<input type="hidden" name="no_note" value="1">
	<input type="hidden" name="currency_code" value="USD">
	<input type="hidden" name="bn" value="PP-BuyNowBF">
	<input type="image" src="https://www.sandbox.paypal.com/en_US/i/btn/x-click-but23.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
	<img alt="" border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
	</form>
	</fieldset>
<?php else: ?>
<fieldset>
<legend>Place new Payment to Admin</legend>
<form action="<?php echo $installDir['value'].'merchant/userpanel.php?ad=pm&act=review' ?>" method="post">
<input type="hidden" name="item_name" value="<?php echo $auth->getIdentity()?>">
<input type="hidden" name="item_number" value="<?php echo $userId?>">
<label>Amount : $</label>
<input type="text" name="amount" value="10.00">
<input type="submit" value="Pay" />"
</form>
</fieldset>
<?php endif; ?>